The invention relates to networks which make it possible to perform secure transactions between the users of the network, in particular monetary transactions, and more particularly, on the Internet, to a method for protection against fraud which prevents a fraudster from giving a user the impression that the transaction in progress is secure, for example with a view to extracting confidential information such as a bank card number from said user, or to supplying the purchaser with inaccurate information.
On the Internet, more and more commercial sites offer secure transactions by using certificates which guarantee, to a certain extent, that the information the purchaser will enter on the screen on the site of the vendor cannot be “stolen” by a third party to the transaction. This is achieved by establishing a signed and/or encrypted communication between the vendor and the purchaser, for example using the SSL standard.
When a vendor site is secure for the transaction to be performed, this state is made known to the purchaser by visual characteristics of the browser, which consist of:
the appearance of a closed padlock at the bottom of the browser window, on the left, on the right or elsewhere according to the browser used; and
the appearance, in the site address bar, of the letter “s” after “http” in order to obtain “https” at the beginning of the address.
For the purchaser, these visual characteristics are, in general, the only proofs that the transaction to be performed will be secure. Thus, a fraudster who wishes to “steal” the confidential information of a potential purchaser or, on the contrary, mislead them by presenting them with false information, must make these visual characteristics appear on their vendor site so as to give the impression that the transaction to be performed will be secure.
In the present state of operation of browsers, it is possible to make these visual security characteristics appear in the absence of any security by using a programming language, in particular those known by the names “Java” or “ActiveX”.
This is because these languages make it possible to display, by means of an “applet”, an image superimposed on that displayed by the browser, and thus to make the visual security characteristics appear with a view to deceiving the purchaser as to the reality of the security.
In patent application No. 00 11801 filed by the Applicant on 15 Sep. 2000, a method was described for preventing the superimposition of this image or these images in certain parts of the browser screen, in particular in parts reserved for the visual security characteristics.
This superimposition is prevented by modifying the program of the browser or of the operating system or by the addition of a third program in order to determine whether the superimposed image affects these parts reserved for the visual security characteristics and to display an alarm message or take protective measures if such is the case.
In the case of the “Java” language, the modification of the program is performed in the part of the “Java” virtual machine relating to security by adding a new security rule.
More precisely, the method described in the aforementioned patent application comprises the following steps consisting in:
(a) determining at least one area of the screen where the superimposition of an image would lead to displaying to the visitor to the site erroneous information relating to the security of the transaction in progress;
(b) detecting if an image superimposition which is requested by a site being looked at covers all or part of said area;
(c) continuing the transaction if the result of step (b) is negative; or
(d) undertaking a protective action such as displaying a warning message, disabling execution, making the content of the covered area appear again somewhere else, etc. if the result of step (b) is positive.
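A sketch of steps (a) to (d) as a rectangle-overlap check follows. It is an added example, not code from the patent application; the Rect type, the area names and the pixel coordinates are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Rect:
    """Axis-aligned screen rectangle in pixels; right and bottom edges are exclusive."""
    left: int
    top: int
    width: int
    height: int

    @property
    def right(self) -> int:
        return self.left + self.width

    @property
    def bottom(self) -> int:
        return self.top + self.height

    def intersection(self, other: "Rect") -> Optional["Rect"]:
        left, top = max(self.left, other.left), max(self.top, other.top)
        right, bottom = min(self.right, other.right), min(self.bottom, other.bottom)
        if right <= left or bottom <= top:
            return None  # disjoint, only touching along an edge, or zero-sized
        return Rect(left, top, right - left, bottom - top)


# Step (a): areas whose content informs the visitor about security.
# Constructed coordinates for a hypothetical 1024x768 browser window.
RESERVED_AREAS: Dict[str, Rect] = {
    "address_bar": Rect(0, 40, 1024, 24),
    "padlock": Rect(0, 744, 24, 24),
}


def check_overlay(requested: Rect,
                  reserved: Dict[str, Rect] = RESERVED_AREAS
                  ) -> Tuple[str, Dict[str, Rect]]:
    """Steps (b) to (d): ("continue", {}) or ("protect", {area name: covered part})."""
    covered = {}
    for name, area in reserved.items():
        hit = area.intersection(requested)  # step (b): all or part of the area
        if hit is not None:
            covered[name] = hit
    # Step (c) when nothing is covered; otherwise step (d), where the caller
    # warns, disables execution, or redraws the covered content elsewhere.
    return ("protect", covered) if covered else ("continue", {})
```

The covered part returned for each area tells the caller which pixels would have to be shown again elsewhere if that protective action is chosen.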
The method which has just been described is based on the fact that the area of the screen where the superimposition of an image would lead to displaying to the visitor to the site erroneous information relating to the security of the transaction in progress is known. Furthermore, the image which this area of the screen must contain, such as an open or closed padlock, is also known to all.
These two aspects have led fraudsters to perform superimpositions of security images such as the padlock in particular areas of the screen assigned to that end by the browser program.